Topic: smtp-auth username displayed???

[jumba]

I've noticed that when a user connect to SMTP with SSL on the Sme Server, the following line is included in the mail source:

Code: [Select]

Received: from [aaa.bbb.ccc.ddd] (HELO [10.xxx.xxx.xxx]) (aaa.bbb.ccc.ddd)
  (smtp-auth username XXXX, mechanism plain)


Is there any way to remove that line? The information about tha actual user's username shouldn't be forwarded to third part!

(Mail client: Latest Thunderbird Sme Server 7.4 with all updates applied)

[mmccarn]

This behavior appears to be built into the core of qpsmtpd - if you want it fixed permanently you'll need to pursue the issue upstream with qpsmtpd, then wait (possibly a long time) for the changes to migrate down into SME server.

You may be able to change this behavior by modifying /usr/lib/perl5/site_perl/Qpsmtpd/SMTP.pm (at line #680) as follows:

Code: [Select]

cd /usr/lib/perl5/site_perl/Qpsmtpd
mv SMTP.pm SMTP.pm.org.$$
sed s~smtp-auth\ username\ \$self-\>\{_auth_user\}~smtp-auth\ valid-username~ SMTP.pm.org.$$ > SMTP.pm
This will:
1) Create a backup of SMTP.pm named SMTP.pm.org.#####

2) find the line that says
$authheader = "(smtp-auth username $self->{_auth_user}, mechanism $self->{_auth_mechanism})\n";
and replace it with
$authheader = "(smtp-auth valid-username, mechanism $self->{_auth_mechanism})\n";

If you have any trouble, you will need to manually delete the modified SMTP.pm, then copy or rename the backup.

Caveats:
a) I have little to no idea if this will work.
b) These changes will revert (that is, disappear) any time there is an update to qpsmtpd.noarch / qpsmtpd-0.40-1.11.el4.sme.

[jumba]

OK, thanks for a quick reply.

Well, in that case I'll rather accept this, but still I feel it's quite unnecessary to include this info in the mail headers... :=(

[mmccarn]

...I feel it's quite unnecessary to include this info in the mail headers... :=(

No argument here! 

[CharlieBrady]

No argument here!

If spam is ever sent from your domain you might find it useful.